On Wed, 17 Apr 2024 at 15:36, General Email <general.email.12341234@xxxxxxxxx> wrote: > > > Anyways, I looked more on google and I think that I have found what I was looking for on this page: > https://gist.github.com/taoyuan/39d9bc24bafc8cc45663683eae36eb1a > Few days ago, I configured SSL and enabled HTTPS on Apache 2.4. It is working fine. I am listing the steps below, in case it helps someone. -------------------------------------------------------------- Enabling HTTPS and Configuring SSL in Apache 2.4 on Windows 10 Date: April, 2024 -------------------------------------------------------------- -------------------------------------------------------------------------------- VERY IMPORTANT: You should not follow this process for a production environment because self-signed SSL certificate (that is being generated here) is a security risk. You should follow this process only for the local development environment. -------------------------------------------------------------------------------- ------------------------------------- Please follow the steps listed below: ------------------------------------- Step 1: Stop Apache web server if it is already running. Step 2: Add "absolute_path_to_apache24_dir\bin" to the system environment variable "Path". openssl.exe is in this folder. Step 3: Open the Windows command prompt and change directory to "absolute_path_to_apache24_dir\conf". Step 4: On the command prompt, execute the following command: set OPENSSL_CONF=absolute_path_to_apache24_dir\conf\openssl.cnf If "absolute_path_to_apache24_dir" contains spaces then enclose the path in quotes. Step 5: Check that the OPENSSL_CONF variable is set to correct directory by executing the following command on the command prompt: echo %OPENSSL_CONF% Step 6: On the command prompt, execute the following command (openssl.exe is in "absolute_path_to_apache24_dir\bin" folder): openssl genrsa -out cert.key 2048 Step 7: On the command prompt, execute the following command: openssl req -new -key cert.key -out cert.csr When you execute this command, you will be asked to give input for some fields. I had given input for only one field (and for other fields, I just hit "Enter" key): Common Name (e.g. server FQDN or YOUR name) []:localhost Step 8: On the command prompt, execute the following command: openssl x509 -req -days 3650 -in cert.csr -signkey cert.key -out cert.crt Step 9: Change a few lines in the "absolute_path_to_apache24_dir\conf\httpd.conf" file. I am listing the lines after the changes. I am not listing the original lines. You can search and change/replace the original lines. The changed lines are: Define SRVROOT "absolute_path_to_apache24_dir" LoadModule socache_shmcb_module modules/mod_socache_shmcb.so LoadModule ssl_module modules/mod_ssl.so ServerName localhost:80 Include conf/extra/httpd-ssl.conf Step 10: Change a few lines in the "absolute_path_to_apache24_dir\conf\extra\httpd-ssl.conf" file. I am listing the lines after the changes. I am not listing the original lines. You can search and change/replace the original lines. The changed lines are: ServerName localhost:443 ServerAdmin admin@xxxxxxxxxxxxxxxxxxxxxxxxx SSLCertificateFile "${SRVROOT}/conf/cert.crt" SSLCertificateKeyFile "${SRVROOT}/conf/cert.key" Step 11 (Last Step): Now, you can start Apache web server and test. Since the security certificate that was generated here is self-signed, the browser may show you a warning that the connection/certificate, etc. is not trusted. But since this is your local development environment, you can ignore this warning and accept the risk and go ahead with the testing/development, etc. I do the same (ignore the warning and accept the risk). ==== End ==== --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx